search

bitly / oauth2_proxy

A reverse proxy that provides authentication with Google, Github or other provider
MIT License
5.1k stars 1.21k forks source link

Github Oauth UserName Issues #642

Closed colearendt closed 5 years ago

colearendt commented 5 years ago

Hello,

I have been wrestling with this for a while, and (in the absence of a Go environment) I cannot figure out from the Go code how GitHub Oauth picks up the username it is getting. I am using auth_request and am getting back, instead of the login returned by GitHub's /user endpoint, the first portion of the email address.

The code here seems to very clearly show grabbing Login off of the /user endpoint:

https://github.com/bitly/oauth2_proxy/blob/b0c1c851770ec12b72e211e4c68c3dd37d5f9638/providers/github.go#L238-L279

The only caveat would be if the Session object already has a User defined, which does not seem to be case based on the GitHub documentation I have read.

https://github.com/bitly/oauth2_proxy/blob/a94b0a8b25e553f7333f7b84aeb89d9d18ec259b/oauthproxy.go#L248-L253

The only other possibility I could figure would be based on what is entered in the form, but that is the same as GitHub login. Needless to say, I am lost, as the result I am getting back from the Oauth proxy is the following (where login is myuser, no period):

GET / HTTP/1.1
Connection: close
X-User: my.user
X-Email: my.user@gmail.com
Host: oauth2-debug:8080

Reason: To do authorization within the app, I want to be able to reproduce the username values, and stripping the @... off of the email seems kinda ugly, not to mention impossible to do before the Oauth handshake has taken place (most emails are hidden on Github).

Related question - there are log.Printf statements in the code that are not being rendered to standard out. Is there an option for increasing log verbosity? I am happy to put in a PR for doc updates if there is an undocumented option for doing so - I couldn't find anything in the code, but again I am not a Go programmer. :)

Thanks!

colearendt commented 5 years ago

Oh, and this is where the XAuthUser is set... which should be what I am picking up:

https://github.com/bitly/oauth2_proxy/blob/a94b0a8b25e553f7333f7b84aeb89d9d18ec259b/oauthproxy.go#L692-L697

ploxiln commented 5 years ago

The GitHub provider code you're looking at was merged after the v2.2 release of oauth2_proxy so you'll need to build the master branch from source.

colearendt commented 5 years ago

Confirmed that this is the case! Building from source resolved. Thanks so much for the help!

If there are any options on log verbosity that are in the code but are not documented, please point me to them and I will be happy to make a PR documenting the options.